Records |
Author |
Kim Weyns; Martin Höst |
Title |
Risk analysis for critical systems with reliability block diagrams |
Type |
Conference Article |
Year |
2012 |
Publication |
ISCRAM 2012 Conference Proceedings – 9th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2012 |
Volume |
|
Issue |
|
Pages |
|
Keywords |
Availability; Hospital data processing; Information systems; Reliability analysis; Risk assessment; Complex failure; Critical systems; Government; Patient data; Reliability block diagrams; Relief activities; Risk analysis methods; Vulnerability analysis; Risk analysis |
Abstract |
Governmental organisations are becoming more critically dependant on IT systems such as communication systems or patient data systems, both for their everyday tasks and their role in crisis relief activities. Therefore it is important for the organisation to analyse the reliability of these systems as part of the organisation's risk and vulnerability analysis process. This paper presents a practical risk analysis method for critical, large-scale IT systems in an organisation. The method is based on reliability block diagram modelling and was adapted to fit the requirements of governmental organisations and to reduce the effort required to capture complex failure behaviour. The paper first explicitly lists the requirements that such a risk analysis method must fulfil, then presents the proposed risk analysis method and finally outlines the planned evaluation of this method. © 2012 ISCRAM. |
Address |
Lund University, Sweden |
Corporate Author |
|
Thesis |
|
Publisher |
Simon Fraser University |
Place of Publication |
Vancouver, BC |
Editor |
L. Rothkrantz, J. Ristvej, Z.Franco |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9780864913326 |
Medium |
|
Track |
Planning and Foresight |
Expedition |
|
Conference |
9th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
239 |
Share this record to Facebook |
|
|
|
Author |
Sardar Muhammad Sulaman; Taimor Abbas; Krzysztof Wnuk; Martin Höst |
Title |
Hazard analysis of collision avoidance system using STPA |
Type |
Conference Article |
Year |
2014 |
Publication |
ISCRAM 2014 Conference Proceedings – 11th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2014 |
Volume |
|
Issue |
|
Pages |
424-428 |
Keywords |
Information systems; Risk analysis; Safety devices; Systems engineering; Collision avoidance systems; Forward collision; Hazard analysis; IT system; Process analysis; Safety critical systems; Stpa; Time efficiencies; Hazards |
Abstract |
As our society becomes more and more dependent on IT systems, failures of these systems can harm more and more people and organizations both public and private. Diligently performing risk and hazard analysis helps to minimize the societal harms of IT system failures. In this paper we present experiences gained by applying the System Theoretic Process Analysis (STPA) method for hazard analysis on a forward collision avoidance system. Our main objectives are to investigate effectiveness in terms of the number and quality of identified hazards, and time efficiency in terms of required efforts of the studied method. Based on the findings of this study STPA has proved to be an effective and efficient hazard analysis method for assessing the safety of a safety-critical system and it requires a moderate level of effort. |
Address |
Dept. of Computer Science, Lund University, Sweden; Dept. of Electrical and Information Technology, Lund University, Sweden |
Corporate Author |
|
Thesis |
|
Publisher |
The Pennsylvania State University |
Place of Publication |
University Park, PA |
Editor |
S.R. Hiltz, M.S. Pfaff, L. Plotnick, and P.C. Shih. |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9780692211946 |
Medium |
|
Track |
Planning, Foresight and Risk Analysis |
Expedition |
|
Conference |
11th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
982 |
Share this record to Facebook |
|
|
|
Author |
Kim Weyns; Martin Höst |
Title |
Case study on risk analysis for critical systems with reliability block diagrams |
Type |
Conference Article |
Year |
2013 |
Publication |
ISCRAM 2013 Conference Proceedings – 10th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2013 |
Volume |
|
Issue |
|
Pages |
693-702 |
Keywords |
Availability; Information systems; Reliability; Risk assessment; Risk perception; Complex failure; Critical systems; Failure category; Government; Organisational; Reliability block diagrams; Risk analysis methods; Vulnerability analysis; Risk analysis |
Abstract |
This paper presents a practical risk analysis method for critical, large-scale IT systems in an organisation. The method is based on reliability block diagram modelling and was adapted to fit the requirements of governmental organisations and to reduce the effort required to capture complex failure behaviour. Through the use of different failure categories the risk analysis can be simplified, the input data becomes easier to estimate and the results are easier to use in an organisational risk and vulnerability analysis. The paper first explicitly describes the different steps of the method and then presents a case study in which the method was applied and evaluated in a real-life setting. The method is meant to help an organisation to communicate internally about the reliability of their critical IT systems and to prioritise proposed improvements to this reliability. |
Address |
Department of Computer Science, Lund University, Sweden |
Corporate Author |
|
Thesis |
|
Publisher |
Karlsruher Institut fur Technologie |
Place of Publication |
KIT; Baden-Baden |
Editor |
T. Comes, F. Fiedrich, S. Fortier, J. Geldermann and T. Müller |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9783923704804 |
Medium |
|
Track |
Planning and Foresight |
Expedition |
|
Conference |
10th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
1078 |
Share this record to Facebook |
|
|
|
Author |
Kim Weyns; Martin Höst |
Title |
Dependability of IT systems in municipal emergency management |
Type |
Conference Article |
Year |
2009 |
Publication |
ISCRAM 2009 – 6th International Conference on Information Systems for Crisis Response and Management: Boundary Spanning Initiatives and New Perspectives |
Abbreviated Journal |
ISCRAM 2009 |
Volume |
|
Issue |
|
Pages |
|
Keywords |
Civil defense; Disasters; Information systems; Risk assessment; Risk management; Crisis situations; Dependability; Emergency management; Emergency planning; IT management; Municipal emergencies; Process improvement frameworks; Vulnerability analysis; Human resource management |
Abstract |
In recent years governmental actors have become more and more dependent on IT systems for their responsibilities in a crisis situation. To avoid unexpected problems with the dependability of IT systems in the aftermath of a crisis it is important that such risks are identified and that measures can be taken to reduce the dependence on systems that could be unreliable. This paper describes two case studies exploring how Swedish municipalities incorporate IT systems in their emergency planning. The study focuses especially on how different actors within a municipality cooperate to analyse the risks of depending on IT systems in critical situations. The study shows that today there is much room for improvement, especially in the communication between IT personnel and emergency managers. Finally, this paper describes the requirements for a process improvement framework that can assist governmental actors in analysing and improving their dependency on IT systems in emergency management. |
Address |
Lund University, Sweden |
Corporate Author |
|
Thesis |
|
Publisher |
Information Systems for Crisis Response and Management, ISCRAM |
Place of Publication |
Gothenburg |
Editor |
J. Landgren, S. Jul |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9789163347153 |
Medium |
|
Track |
Open Track |
Expedition |
|
Conference |
6th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
1079 |
Share this record to Facebook |
|
|
|
Author |
Sardar Sulaman; Martin Höst |
Title |
Risk Analysis and Management of IT Systems: Practice and Challenges |
Type |
Conference Article |
Year |
2018 |
Publication |
ISCRAM 2018 Conference Proceedings – 15th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
Iscram 2018 |
Volume |
|
Issue |
|
Pages |
831-840 |
Keywords |
risk analysis, current practice, challenges |
Abstract |
Risk analysis is important for safety-critical IT systems and services, both in public and private organizations. However, the actual practices and the challenges of risk analysis in these contexts have not been fully explored. This paper investigates the current practices of risk analysis by an interview-based investigation. This study investigates several factors of the risk analysis process, e.g., its importance, identification of critical resources, definitions of roles, involvement of different stakeholders, used methods, and follow-up analysis. Furthermore, this study also investigates existing challenges in the current practices of risk analysis. A number of challenges are identified, e.g., that risk analysis requires competence both about the risk analysis procedures and the analyzed system, which is challenging to identify, and that it is challenging to follow-up and repeat a risk-analysis that is conducted. The identified challenges can be useful when new risk analysis methods are defined. |
Address |
|
Corporate Author |
|
Thesis |
|
Publisher |
Rochester Institute of Technology |
Place of Publication |
Rochester, NY (USA) |
Editor |
Kees Boersma; Brian Tomaszeski |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
978-0-692-12760-5 |
Medium |
|
Track |
Case studies and reflections from practice |
Expedition |
|
Conference |
ISCRAM 2018 Conference Proceedings - 15th International Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
2155 |
Share this record to Facebook |